Export limit exceeded: 19711 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19711 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-2776 | 1 Sellatsite.com | 1 Smart Asp Survey | 2026-04-23 | N/A |
| SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2009-2777 | 1 Garagesalesjunkie | 1 Garagesales Script | 2026-04-23 | N/A |
| SQL injection vulnerability in visitor/view.php in GarageSales Script allows remote attackers to execute arbitrary SQL commands via the key parameter. | ||||
| CVE-2009-2885 | 1 Phpscriptsnow | 1 World\'s Tallest Buildings | 2026-04-23 | N/A |
| SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter. | ||||
| CVE-2008-6124 | 2 Debian, Moodle | 2 Debian Linux, Moodle | 2026-04-23 | N/A |
| SQL injection vulnerability in the hotpot_delete_selected_attempts function in report.php in the HotPot module in Moodle 1.6 before 1.6.7, 1.7 before 1.7.5, 1.8 before 1.8.6, and 1.9 before 1.9.2 allows remote attackers to execute arbitrary SQL commands via a crafted selected attempt. | ||||
| CVE-2009-2891 | 1 Phpscriptsnow | 1 Riddles | 2026-04-23 | N/A |
| SQL injection vulnerability in list.php in PHP Scripts Now Riddles allows remote attackers to execute arbitrary SQL commands via the catid parameter. | ||||
| CVE-2009-3193 | 2 Joomla, Uwix | 2 Joomla, Com Digifolio | 2026-04-23 | N/A |
| SQL injection vulnerability in the DigiFolio (com_digifolio) component 1.52 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a project action to index.php. | ||||
| CVE-2009-0542 | 1 Proftpd Project | 1 Proftpd | 2026-04-23 | N/A |
| SQL injection vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 allows remote attackers to execute arbitrary SQL commands via a "%" (percent) character in the username, which introduces a "'" (single quote) character during variable substitution by mod_sql. | ||||
| CVE-2009-3336 | 1 Phpprobid | 1 Php Pro Bid | 2026-04-23 | N/A |
| SQL injection vulnerability in auction_details.php in PHP Pro Bid allows remote attackers to execute arbitrary SQL commands via the auction_id parameter. | ||||
| CVE-2008-6120 | 1 Socialengine | 1 Socialengine | 2026-04-23 | N/A |
| SQL injection vulnerability in profile_comments.php in SocialEngine (SE) 2.7 and earlier allows remote attackers to execute arbitrary SQL commands via the comment_secure parameter. | ||||
| CVE-2008-6117 | 1 Pilotgroup | 1 Pg Job Site Pro | 2026-04-23 | N/A |
| SQL injection vulnerability in homepage.php in PG Job Site Pro allows remote attackers to execute arbitrary SQL commands via the poll_view_id parameter in a results action. | ||||
| CVE-2009-3326 | 1 Cmscontrol | 1 Cmscontrol | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the id_menu parameter. | ||||
| CVE-2009-3361 | 1 Paul Gibbs | 1 Php-ipnmonitor | 2026-04-23 | N/A |
| SQL injection vulnerability in index.php in PHP-IPNMonitor allows remote attackers to execute arbitrary SQL commands via the maincat_id parameter. | ||||
| CVE-2009-3434 | 3 Joomla, Mambo, Onestopjoomla | 3 Joomla, Mambo, Com Tupinambis | 2026-04-23 | N/A |
| SQL injection vulnerability in the Tupinambis (com_tupinambis) component 1.0 for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the proyecto parameter in a verproyecto action to index.php. | ||||
| CVE-2009-3501 | 1 Bpowerhouse | 1 Bpstudents | 2026-04-23 | N/A |
| SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action. | ||||
| CVE-2009-4099 | 2 G4j.laoneo, Joomla | 2 Com Gcalendar, Joomla | 2026-04-23 | N/A |
| SQL injection vulnerability in the Google Calendar GCalendar (com_gcalendar) component 1.1.2, 2.1.4, and possibly earlier versions for Joomla! allows remote attackers to execute arbitrary SQL commands via the gcid parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2008-4169 | 1 Iscripts | 1 Easyindex | 2026-04-23 | N/A |
| SQL injection vulnerability in detaillist.php in iScripts EasyIndex, possibly 1.0, allows remote attackers to execute arbitrary SQL commands via the produid parameter. | ||||
| CVE-2007-5704 | 1 Codewidgets | 1 Online Event Registration Template | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the (1) Email Address and (2) Password fields in (a) login.asp and (b) admin_login.asp. | ||||
| CVE-2008-1591 | 1 Postnuke | 1 Postnuke | 2026-04-23 | N/A |
| The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP HTTP header (HTTP_CLIENT_IP variable). | ||||
| CVE-2006-7170 | 1 Koan Software | 1 Mega Mall | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in Koan Software Mega Mall allow remote attackers to execute arbitrary SQL commands via the (1) t, (2) productId, (3) sk, (4) x, or (5) so parameter to (a) product_review.php; or the (6) orderNo parameter to (b) order-track.php. | ||||
| CVE-2006-7232 | 3 Canonical, Mysql, Redhat | 3 Ubuntu Linux, Mysql, Enterprise Linux | 2026-04-23 | N/A |
| sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY. | ||||